Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JBT18ExfGZcWp4NlGPb0J9dwH5U.roa
File: JBT18ExfGZcWp4NlGPb0J9dwH5U.roa (raw, json)
Hash identifier: xem1b+M3bOHELsNvbTXlmQ3qZwkJ6+qwMCPJ8gTYcPo=
Subject key identifier: 24:14:F5:F0:4C:5F:19:97:16:A7:83:65:18:F6:F4:27:D7:70:1F:95
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D7201C4C90C6982FADC459AB96BCE9
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JBT18ExfGZcWp4NlGPb0J9dwH5U.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203629
IP address blocks: 2a0c:77c1::/32 maxlen: 32
2a0c:77c2::/32 maxlen: 32
2a0c:77c3::/32 maxlen: 32
2a0c:77c4::/32 maxlen: 32
2a0c:77c5::/32 maxlen: 32
2a0c:77c6::/32 maxlen: 32
2a0c:77c7::/32 maxlen: 32
2a0d:3880::/32 maxlen: 32
2a0d:3881::/32 maxlen: 32
2a0d:3882::/32 maxlen: 32
2a0d:3883::/32 maxlen: 32
2a0d:3884::/32 maxlen: 32
2a0d:3885::/32 maxlen: 32
2a0d:3886::/32 maxlen: 32
2a0d:3887::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:20:1c:4c:90:c6:98:2f:ad:c4:59:ab:96:bc:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2414f5f04c5f199716a7836518f6f427d7701f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5c:ce:c3:33:45:39:07:09:5b:b7:39:2a:f7:
63:31:b4:89:b9:c8:8c:3b:be:e0:70:1d:01:cf:6f:
d8:e0:64:bc:1b:02:85:11:25:82:df:b2:5b:a5:9f:
0d:17:63:c3:b5:2a:d0:22:84:e1:a0:2b:75:35:b8:
ea:e6:2c:f3:99:16:50:f7:c8:69:d9:82:37:b7:e1:
fc:ed:53:44:f6:13:ce:ef:b5:92:f0:42:d3:1b:09:
71:f4:98:d5:c3:6c:0d:4d:4e:2c:de:25:71:fb:08:
7d:39:db:ea:f2:78:93:cd:9f:9d:6b:fe:9a:89:97:
1d:39:66:75:de:b4:09:63:b8:87:33:50:db:bf:c0:
3e:9c:f0:9c:62:b3:02:26:28:ca:a2:9a:71:8b:78:
6f:f3:33:3e:c8:fa:ed:be:b1:33:2e:42:4a:38:5d:
c4:33:d7:df:84:23:0d:46:5c:ae:59:ad:71:a4:bd:
81:9c:c4:41:0a:04:95:01:31:8d:aa:ba:31:0e:86:
47:ec:c7:b5:0f:83:53:b2:dc:d4:05:ba:a4:e2:a6:
c5:6e:44:6e:c8:10:83:e9:14:4e:b5:c4:27:10:3e:
02:e7:a0:1f:53:2a:6e:26:0c:73:09:70:dd:77:7a:
9d:95:df:9c:47:4f:9f:6d:24:a0:66:d2:94:3d:ce:
6b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:14:F5:F0:4C:5F:19:97:16:A7:83:65:18:F6:F4:27:D7:70:1F:95
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JBT18ExfGZcWp4NlGPb0J9dwH5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:77c1::-2a0c:77c7:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
b3:07:3c:95:fb:ad:d3:59:1e:a3:4f:c0:0e:79:99:28:11:81:
24:99:f0:a8:e3:c8:11:26:fa:de:75:30:31:71:98:02:12:d2:
55:9d:3a:39:4e:37:12:fc:bd:53:81:6a:07:05:2d:02:ce:90:
16:43:5b:ec:6a:0f:19:78:b5:e6:b6:da:c2:1e:29:e3:9f:f1:
9c:e2:13:33:99:e9:9d:b6:a9:5c:69:9f:a3:dc:42:42:68:02:
90:42:3f:a1:2e:8f:aa:7e:a5:8f:d8:96:86:bf:de:db:94:87:
dd:cf:1c:45:97:70:7f:ed:06:96:1c:ab:8d:d2:c9:c9:40:07:
db:c3:06:d1:0b:b9:2b:3e:ed:32:20:7a:f7:d1:78:6e:64:ce:
61:24:16:02:23:33:f4:68:63:ff:50:78:2e:c1:10:31:06:b3:
7a:97:c7:a3:fb:68:d5:74:41:fc:21:a3:1f:bb:35:c6:dd:df:
28:a7:06:55:41:5f:a6:a1:5e:d8:36:9f:50:7e:ff:6e:2a:04:
6e:5c:9f:8a:9a:52:7a:15:05:d7:4d:5c:45:ef:6d:21:c3:28:
26:9f:05:98:8e:b9:4b:7b:1e:d8:33:64:4a:b3:a4:46:d0:e1:
37:c0:05:ae:50:d0:cd:0f:87:67:d0:66:aa:5b:68:13:a0:10:
03:f2:56:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1yAcTJDGmC+txFmrlrzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDE0ZjVmMDRjNWYxOTk3MTZhNzgzNjUxOGY2ZjQyN2Q3NzAxZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVzOwzNFOQcJW7c5KvdjMbSJuciM
O77gcB0Bz2/Y4GS8GwKFESWC37JbpZ8NF2PDtSrQIoThoCt1Nbjq5izzmRZQ98hp
2YI3t+H87VNE9hPO77WS8ELTGwlx9JjVw2wNTU4s3iVx+wh9Odvq8niTzZ+da/6a
iZcdOWZ13rQJY7iHM1Dbv8A+nPCcYrMCJijKoppxi3hv8zM+yPrtvrEzLkJKOF3E
M9ffhCMNRlyuWa1xpL2BnMRBCgSVATGNqroxDoZH7Me1D4NTstzUBbqk4qbFbkRu
yBCD6RROtcQnED4C56AfUypuJgxzCXDdd3qdld+cR0+fbSSgZtKUPc5rmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCQU9fBMXxmXFqeDZRj29CfXcB+VMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSkJUMThFeGZHWmNXcDRObEdQYjBKOWR3SDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQAqDHfB
AwUDKgx3wAMFAyoNOIAwDQYJKoZIhvcNAQELBQADggEBALMHPJX7rdNZHqNPwA55
mSgRgSSZ8KjjyBEm+t51MDFxmAIS0lWdOjlONxL8vVOBagcFLQLOkBZDW+xqDxl4
tea22sIeKeOf8ZziEzOZ6Z22qVxpn6PcQkJoApBCP6Euj6p+pY/Yloa/3tuUh93P
HEWXcH/tBpYcq43SyclAB9vDBtELuSs+7TIgevfReG5kzmEkFgIjM/RoY/9QeC7B
EDEGs3qXx6P7aNV0Qfwhox+7Ncbd3yinBlVBX6ahXtg2n1B+/24qBG5cn4qaUnoV
BddNXEXvbSHDKCafBZiOuUt7HtgzZEqzpEbQ4TfABa5Q0M0Ph2fQZqpbaBOgEAPy
Vh0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:45:51 2025 by rpki-client